05:01 GMT +319 October 2019
Listen Live
    Air National Guard soldiers monitor computer screens

    Pentagon Failed to Secure Most Cyber Vulnerabilities in the Last Year

    © AP Photo / Ted S. Warren
    Get short URL

    In the span of one year, the Pentagon only managed to address fewer than half of the cybersecurity recommendations to secure vulnerabilities pointed out by its inspector general's office.

    Between August 1, 2014 and July 31, 2015, the Defense Department addressed 93 of 229 cyber recommendations, according to a summary of a new audit released by the inspector general's office.

    The Pentagon left the remaining 136 recommendations unresolved. All of the recommendations "required management action," the summary said.

    During the one-year-span, the Government Accountability Office and DoD's own auditing groups released 20 reports and testimony covering cybersecurity weaknesses including in risk management, identity and access management, and contingency planning, according to the summary.

    Last month, Terry Halvorsen, the Pentagon's chief information officer said it wants to eventually automate cyber defense. For now, officials are tackling simpler tasks, including automatically patching updates.

    "At a certain point, I want to be able to have some cyber defense completely automated where a certain set of conditions occur, and the system takes its own response," Halvorsen said.

    The release of the report's summary follows remarks from Admiral Michael Rogers, Cyber Command chief, who said the Pentagon's  former practice of connecting networks, equipment, and weapons to the open Internet has unintentionally created major vulnerabilities throughout the DoD.

    The strategy has jeopardized Pentagon networks and much of what the defense industry has developed over several decades, Rogers told the Senate Armed Services Committee on Tuesday.

    cyber threats, cybersecurity, US Department of Defense (DoD), Pentagon, Terry Halvorsen, Michael Rogers, United States
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik